120933 matches found
CVE-2025-41390
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to an arbitrary code execution. An attacker can provide a malicious repository to trigger this vulnerability...
CVE-2025-41390
CVE-2025-41390 concerns an arbitrary code execution in TruffleHog 3.90.2 through the Git core.fsmonitor handling. A specially crafted repository (e.g., copied file-for-file via tar/cp/rsync) can trigger execution when Git operations are invoked by tooling, due to a malicious core.fsmonitor value ...
CVE-2025-61932
Lanscope Endpoint Manager On-Premises Client program MR and Detection agent DA improperly verifies the origin of incoming requests, allowing an attacker to execute arbitrary code by sending specially crafted packets...
EUVD-2025-35038
Lanscope Endpoint Manager On-Premises Client program MR and Detection agent DA improperly verifies the origin of incoming requests, allowing an attacker to execute arbitrary code by sending specially crafted packets...
Lanscope Endpoint Manager (On-Premises) vulnerable to improper verification of source of a communication channel
Overview: Lanscope Endpoint Manager On-Premises provided by MOTEX Inc. contains the following vulnerability. Improper verification of source of a communication channel (CWE-940) - CVE-2025-61932. MOTEX Inc. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and...
USN-7826-2: Samba vulnerabilities
USN-7826-1 fixed vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Andrew Walker discovered that Samba incorrectly initialized memory in the vfs_streams_xattr module. An...
CVE-2025-11948
Document Management System developed by Excellent Infotek has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-11948
CVE-2025-11948 affects the Document Management System by Excellent Infotek. Descriptions across Red Hat, NVD, CIRCL and CVE lists report an Arbitrary File Upload vulnerability that enables unauthenticated remote attackers to upload and execute a web shell, leading to arbitrary code execution on t...
thunderbird: firefox: Memory safety bugs
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corrupti...
VulnCheck KEV: CVE-2022-28054
Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...
TruffleHog security vulnerability
TruffleHog is an open source tool from Truffle Security. A security vulnerability exists in TruffleHog version 3.90.2: a specially crafted repository could lead to arbitrary code execution...
VulnCheck KEV: CVE-2025-61932
Lanscope Endpoint Manager On-Premises Client program MR and Detection agent DA improperly verifies the origin of incoming requests, allowing an attacker to execute arbitrary code by sending specially crafted packets...
SLiMS 9 Bulian security vulnerability
SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. A security vulnerability exists in SLiMS 9 Bulian version 9.6.1, which stems from...
GeoVision GV-BX1500 and GeoVision GV-MFD1501 security vulnerability
The GeoVision GV-BX1500 and GeoVision GV-MFD1501 are both a series of indoor IP cameras from GeoVision China. A security vulnerability exists in the GeoVision GV-BX1500 and GeoVision GV-MFD1501 that stems from a remote command injection in /PictureCatch.cgi, which could lead to the execution of...
Truffle Security Co. TruffleHog git arbitrary code execution vulnerability
Talos Vulnerability Report TALOS-2025-2243: Truffle Security Co. TruffleHog git arbitrary code execution vulnerability. October 20, 2025. CVE Number: CVE-2025-41390. Summary: An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially...
JLSEC-2025-123 libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale h...
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances, e.g., hardware re-initialization upon a mid-video SPS change when...
FreeBSD : Mozilla -- Memory safety bugs (ed132d42-ab81-11f0-b961-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ed132d42-ab81-11f0-b961-b42e991fc52e advisory. [email protected] reports: Memory safety bug. This bug showed evidence of memory corruption and we...
[slackware-security] sqlite
New sqlite packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/sqlite-3.50.4-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: A memory corruption issue caused by improper handling...